Security Advisory cups security update

Advisory: RHSA-2005:706-04
Type: Security Advisory
Severity: Important
Issued on: 2005-08-09
Last updated on: 2005-08-09
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2005-2097

Details

Updated CUPS packages that fix a security issue are now available for Red
Hat Enterprise Linux.

This update has been rated as having important security impact by the Red Hat
Security Response Team.

The Common UNIX Printing System (CUPS) provides a portable printing layer for
UNIX(R) operating systems.

When processing a PDF file, bounds checking was not correctly performed on
some fields. This could cause the pdftops filter (running as user "lp") to
crash. The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2097 to this issue.

All users of CUPS should upgrade to these erratum packages, which contain a
patch to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)
SRPMS:
cups-1.1.17-13.3.31.src.rpm
File outdated by:  RHSA-2009:1083		     6fdfeda1620e95a6ed9141398adb88be
 
IA-32:
cups-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     6f53077afd334ef360da78265a1d3015
cups-devel-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     313336568455c6bf53c465b6b9ddfe6b
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
 
x86_64:
cups-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     d737dd5cb793f4ad445d93d33b48e082
cups-devel-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     75ad39e7ec8114ceb2dd1653df48f6c9
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     7a874e6ac4f4b128041f150cc08a90bb
 
Red Hat Desktop (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.7.src.rpm     9b035487b0771701ede6d2127d250127
 
IA-32:
cups-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     4c7c20b95e38b497aa610332ce2d0551
cups-devel-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     b8863c846afdf0fce99de34e2ad0ee27
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
 
x86_64:
cups-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     f8cdf81a6645b4b7c4955a36a35d0f2f
cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     e6d59fe158d842f92594c3fc0f12a04a
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     723689c347475e508dd2adf82d6c8a0c
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
cups-1.1.17-13.3.31.src.rpm
File outdated by:  RHSA-2009:1083		     6fdfeda1620e95a6ed9141398adb88be
 
IA-32:
cups-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     6f53077afd334ef360da78265a1d3015
cups-devel-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     313336568455c6bf53c465b6b9ddfe6b
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
 
IA-64:
cups-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     0e3c6790b045e27c30c8546ef147a6b6
cups-devel-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     da9e2d61e6ea694b691d43015d044648
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     42bbd422f83eae3bd94a67709aabc9b6
 
PPC:
cups-1.1.17-13.3.31.ppc.rpm
File outdated by:  RHSA-2009:1083		     2ef8571cde9f6fc0ba6ffa7cf4bcffcf
cups-devel-1.1.17-13.3.31.ppc.rpm
File outdated by:  RHSA-2009:1083		     ea06586a5d0edece302f465cc06655b9
cups-libs-1.1.17-13.3.31.ppc.rpm
File outdated by:  RHSA-2009:1083		     d5864d0bc6ffafb60e5512b72cd1deee
cups-libs-1.1.17-13.3.31.ppc64.rpm
File outdated by:  RHSA-2009:1083		     070c52a8fff483d5b2977f41af8c2d48
 
s390:
cups-1.1.17-13.3.31.s390.rpm
File outdated by:  RHSA-2009:1083		     e8a3333a4f41f4d286e30d2ba6dac182
cups-devel-1.1.17-13.3.31.s390.rpm
File outdated by:  RHSA-2009:1083		     64b0004da2a22335600116c4fd62655a
cups-libs-1.1.17-13.3.31.s390.rpm
File outdated by:  RHSA-2009:1083		     73fd8d9b5532dfcb6512af45e2e0bb4c
 
s390x:
cups-1.1.17-13.3.31.s390x.rpm
File outdated by:  RHSA-2009:1083		     930e0db46c1e076b8e79d6bf712a5996
cups-devel-1.1.17-13.3.31.s390x.rpm
File outdated by:  RHSA-2009:1083		     624a554a09a737def3b20b19a65755e0
cups-libs-1.1.17-13.3.31.s390.rpm
File outdated by:  RHSA-2009:1083		     73fd8d9b5532dfcb6512af45e2e0bb4c
cups-libs-1.1.17-13.3.31.s390x.rpm
File outdated by:  RHSA-2009:1083		     d56b117031bccc86a8c827e9d0cf7ade
 
x86_64:
cups-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     d737dd5cb793f4ad445d93d33b48e082
cups-devel-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     75ad39e7ec8114ceb2dd1653df48f6c9
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     7a874e6ac4f4b128041f150cc08a90bb
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.7.src.rpm     9b035487b0771701ede6d2127d250127
 
IA-32:
cups-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     4c7c20b95e38b497aa610332ce2d0551
cups-devel-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     b8863c846afdf0fce99de34e2ad0ee27
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
 
IA-64:
cups-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     3ff6481aeaeef012e63a7effe7aad71b
cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     133970e22eb1094d10c431809374e897
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     9b1edfb8aef5edfe2a77e717dd0908cd
 
PPC:
cups-1.1.22-0.rc1.9.7.ppc.rpm
File outdated by:  RHSA-2009:1083		     aeee85359fb8d62f7cadfdbd70389018
cups-devel-1.1.22-0.rc1.9.7.ppc.rpm
File outdated by:  RHSA-2009:1083		     e40bc2adb4e988b6cfc6a6f76ab3d361
cups-libs-1.1.22-0.rc1.9.7.ppc.rpm
File outdated by:  RHSA-2009:1083		     18c43f70e182dd5fc45af75678f47e92
cups-libs-1.1.22-0.rc1.9.7.ppc64.rpm
File outdated by:  RHSA-2009:1083		     44fc714c998b6c4a6ae88ffade39b55c
 
s390:
cups-1.1.22-0.rc1.9.7.s390.rpm
File outdated by:  RHSA-2009:1083		     017e4f6095f827dcd84351b1555ac841
cups-devel-1.1.22-0.rc1.9.7.s390.rpm
File outdated by:  RHSA-2009:1083		     3b66ab340809a2638405e34b02811e9a
cups-libs-1.1.22-0.rc1.9.7.s390.rpm
File outdated by:  RHSA-2009:1083		     75e83909b63136a6ba8ab2913d790e06
 
s390x:
cups-1.1.22-0.rc1.9.7.s390x.rpm
File outdated by:  RHSA-2009:1083		     7e7dc1aa097cadb6add6c1c9276632f3
cups-devel-1.1.22-0.rc1.9.7.s390x.rpm
File outdated by:  RHSA-2009:1083		     f871a5bfcc2b6a8d29a5809a9fef438d
cups-libs-1.1.22-0.rc1.9.7.s390.rpm
File outdated by:  RHSA-2009:1083		     75e83909b63136a6ba8ab2913d790e06
cups-libs-1.1.22-0.rc1.9.7.s390x.rpm
File outdated by:  RHSA-2009:1083		     ca9e6f369441b2e9049a5ee86cd330dc
 
x86_64:
cups-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     f8cdf81a6645b4b7c4955a36a35d0f2f
cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     e6d59fe158d842f92594c3fc0f12a04a
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     723689c347475e508dd2adf82d6c8a0c
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
cups-1.1.17-13.3.31.src.rpm
File outdated by:  RHSA-2009:1083		     6fdfeda1620e95a6ed9141398adb88be
 
IA-32:
cups-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     6f53077afd334ef360da78265a1d3015
cups-devel-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     313336568455c6bf53c465b6b9ddfe6b
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
 
IA-64:
cups-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     0e3c6790b045e27c30c8546ef147a6b6
cups-devel-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     da9e2d61e6ea694b691d43015d044648
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     42bbd422f83eae3bd94a67709aabc9b6
 
x86_64:
cups-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     d737dd5cb793f4ad445d93d33b48e082
cups-devel-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     75ad39e7ec8114ceb2dd1653df48f6c9
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     7a874e6ac4f4b128041f150cc08a90bb
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.7.src.rpm     9b035487b0771701ede6d2127d250127
 
IA-32:
cups-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     4c7c20b95e38b497aa610332ce2d0551
cups-devel-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     b8863c846afdf0fce99de34e2ad0ee27
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
 
IA-64:
cups-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     3ff6481aeaeef012e63a7effe7aad71b
cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     133970e22eb1094d10c431809374e897
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     9b1edfb8aef5edfe2a77e717dd0908cd
 
x86_64:
cups-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     f8cdf81a6645b4b7c4955a36a35d0f2f
cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     e6d59fe158d842f92594c3fc0f12a04a
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     723689c347475e508dd2adf82d6c8a0c
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
cups-1.1.17-13.3.31.src.rpm
File outdated by:  RHSA-2009:1083		     6fdfeda1620e95a6ed9141398adb88be
 
IA-32:
cups-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     6f53077afd334ef360da78265a1d3015
cups-devel-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     313336568455c6bf53c465b6b9ddfe6b
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
 
IA-64:
cups-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     0e3c6790b045e27c30c8546ef147a6b6
cups-devel-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     da9e2d61e6ea694b691d43015d044648
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.ia64.rpm
File outdated by:  RHSA-2009:1083		     42bbd422f83eae3bd94a67709aabc9b6
 
x86_64:
cups-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     d737dd5cb793f4ad445d93d33b48e082
cups-devel-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     75ad39e7ec8114ceb2dd1653df48f6c9
cups-libs-1.1.17-13.3.31.i386.rpm
File outdated by:  RHSA-2009:1083		     f38c9a11506ae85d5de4ddf721dfd1a0
cups-libs-1.1.17-13.3.31.x86_64.rpm
File outdated by:  RHSA-2009:1083		     7a874e6ac4f4b128041f150cc08a90bb
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.7.src.rpm     9b035487b0771701ede6d2127d250127
 
IA-32:
cups-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     4c7c20b95e38b497aa610332ce2d0551
cups-devel-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     b8863c846afdf0fce99de34e2ad0ee27
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
 
IA-64:
cups-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     3ff6481aeaeef012e63a7effe7aad71b
cups-devel-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     133970e22eb1094d10c431809374e897
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.ia64.rpm
File outdated by:  RHSA-2009:1083		     9b1edfb8aef5edfe2a77e717dd0908cd
 
x86_64:
cups-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     f8cdf81a6645b4b7c4955a36a35d0f2f
cups-devel-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     e6d59fe158d842f92594c3fc0f12a04a
cups-libs-1.1.22-0.rc1.9.7.i386.rpm
File outdated by:  RHSA-2009:1083		     83c915a577bb1e14ff7b41971c37088d
cups-libs-1.1.22-0.rc1.9.7.x86_64.rpm
File outdated by:  RHSA-2009:1083		     723689c347475e508dd2adf82d6c8a0c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

164510 - CAN-2005-2097 pdf flaw


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/